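def request_to_fuzzable_request(req):
    """
    Convert one of the crawler's requests into the matching fuzzable request.

    :param req: crawler request. Only ``req.isPOST`` and ``req.webrequest``
        (``getUrl()`` and, for POSTs, ``getRequestParameters()``) are read.
    :return: an ``httpPostDataRequest`` carrying the body parameters when
        ``req.isPOST`` is true, otherwise an ``httpQsRequest`` for the URL.
    """
    fuzzable_request = None
    if req.isPOST:
        fuzzable_request = httpPostDataRequest()
        url = url_object(req.webrequest.getUrl().toString())
        # NOTE(review): the POST branch calls setURL while the GET branch calls
        # setURI; confirm that a query string on a POST URL still reaches the
        # audit plugins, otherwise those parameters are never fuzzed.
        fuzzable_request.setURL(url)
        dc = dataContainer()

        # A form can submit the same field name more than once (checkbox
        # groups, multi-selects). Assigning ``dc[name] = [value]`` per pair
        # kept only the last value, so the earlier ones were never audited.
        # Collect every value per name first, keeping first-seen order.
        values_by_name = {}
        first_seen = []
        for nv in req.webrequest.getRequestParameters():
            name = nv.getName()
            if name not in values_by_name:
                values_by_name[name] = []
                first_seen.append(name)
            values_by_name[name].append(nv.getValue())

        # Only item assignment is used on the container, as before; each value
        # is still a list, now holding every occurrence of the name.
        for name in first_seen:
            dc[name] = values_by_name[name]
        fuzzable_request.setDc(dc)
    else:
        # Every non-POST request is handled as a GET: the parameters stay in
        # the URL's query string, so no data container is built.
        fuzzable_request = httpQsRequest()
        url = url_object(req.webrequest.getUrl().toString())
        fuzzable_request.setURI(url)

    return fuzzable_request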
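def request_to_fuzzable_request(req):
    """
    Build the fuzzable request that corresponds to a crawler request.

    :param req: crawler request. ``req.isPOST`` selects the request type and
        ``req.webrequest`` supplies the URL and, for POSTs, the parameters.
    :return: ``httpPostDataRequest`` (URL plus a data container of body
        parameters) for a POST, ``httpQsRequest`` (URI only) otherwise.
    """
    fuzzable_request = None
    if req.isPOST:
        fuzzable_request = httpPostDataRequest()
        url = url_object(req.webrequest.getUrl().toString())
        # NOTE(review): setURL here versus setURI in the GET branch; verify
        # that query-string parameters on a POST URL are not lost to the
        # audit, since the container below only holds the body parameters.
        fuzzable_request.setURL(url)
        dc = dataContainer()

        # Repeated parameter names must not overwrite each other: with one
        # ``dc[name] = [value]`` per pair only the last occurrence survived,
        # which silently shrank what the audit plugins get to test.
        grouped = {}
        name_order = []
        for nv in req.webrequest.getRequestParameters():
            name = nv.getName()
            if name not in grouped:
                grouped[name] = []
                name_order.append(name)
            grouped[name].append(nv.getValue())

        # Same container interface as before (item assignment with a list
        # value), inserted in the order the names first appeared.
        for name in name_order:
            dc[name] = grouped[name]
        fuzzable_request.setDc(dc)
    else:
        # Anything that is not a POST is treated as a GET; its parameters are
        # already part of the URI.
        fuzzable_request = httpQsRequest()
        url = url_object(req.webrequest.getUrl().toString())
        fuzzable_request.setURI(url)

    return fuzzable_request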
Example #3
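# Ad-hoc driver: runs the crawler's xss audit plugin once against a single
# GET request aimed at a page on the loopback interface.
import sys

# The audit modules are imported straight from a source checkout, so its
# directories must be on sys.path before the project imports below run.
# NOTE(review): these are absolute paths into one developer's home directory;
# on any other machine the first project import fails.
sys.path.append("/home/adamd/research/black-box/blackbox/crawler/audit")
sys.path.append("/home/adamd/research/black-box/blackbox/crawler")
# Debug output of the search path. Parenthesised so the line parses on both
# Python 2 and Python 3 with the same output; the original statement form was
# a syntax error on Python 3. The project modules may still be Python 2 only.
print(sys.path)
from fuzzableRequest import fuzzableRequest
from httpQsRequest import httpQsRequest
from urlParser import url_object
from xss import xss
# NOTE(review): the wildcard import hides which names this script relies on
# and can shadow the explicit imports above; kept because its contents are
# not visible from here.
from plugin_wrapper import *

# Target: a page on 127.0.0.1 with one query-string parameter, `test`.
url = url_object("http://127.0.0.1/adam.php?test=blah")
fr = httpQsRequest()
fr.setURI(url)

# NOTE(review): the meaning of the "crawler" argument is not visible here;
# confirm against the xss plugin's constructor.
plugin = xss("crawler")

# Presumably this sends the plugin's test requests to the URL above; nothing
# is printed or checked here, so any findings have to be read from wherever
# the plugin reports them.
plugin.audit(fr)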